Zero Day Initiative

TippingPoint Zero Day Initiative

ZDI STATISTICS...

# Created Cases:	2,817
# Researchers:	1,362
Avg. Verification Time:	21 days

RECENT TWEETS...

follow us @thezdi

Apple Quicktime PICT File PackBitsRgn Parsing Heap Corruption Vulnerability

ZDI-07-066: November 5th, 2007

CVE ID

Affected Vendors

Affected Products

Vulnerability Details

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exist in the parsing of the PackBitsRgn field (Opcode 0x0099). Due to improper handling of a malformed element in the structure, heap corruption occurs. If properly constructed this can lead to code execution running under the credentials of the user.

Vendor Response

Apple has issued an update to correct this vulnerability. More details can be found at:

http://docs.info.apple.com/article.html?artnum=306896

Disclosure Timeline

Credit

This vulnerability was discovered by:

Published Advisories

ZDI-10-169: Novell

published 2010-09-01

ZDI-10-168: Apple

published 2010-08-31

ZDI-10-167: RealNetworks

published 2010-08-26

ZDI-10-166: RealNetworks

published 2010-08-26

ZDI-10-165: Trend Micro

published 2010-08-25

Upcoming Advisories

reported 2010-08-23, 8 days ago

Mozilla Firefox

reported 2010-08-12, 19 days ago

reported 2010-08-12, 19 days ago

reported 2010-08-12, 19 days ago

reported 2010-07-20, 42 days ago

Recent Press

How Microsoft ranks with the most tardy bug ...

published 2010-08-05, Network World

HP TippingPoint gives deadline to vendors

published 2010-08-05, International Business Times

TippingPoint sets six-month deadline for flaw fixes

published 2010-08-04, V3

HP's Zero Day Initiative Gives Vendors Patching Deadline

published 2010-08-04, CRN

Researchers Throw Down Vulnerability-Disclosure Gauntlet

published 2010-08-04, DarkReading